-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: What's the most interesting small town you've visited in South Africa?
Afrihost and Mailservers
- Thread starter Gadget Man
- Start date
Had exactly the same issue. Couldn't connect to my own private smtp server ( mx points to a dyndns - server is on a WA dsl line).
Other smtp servers worked - even saix, not that I could send, but a telnet session on P25 i got at least an answer back.
But not from my own.
Reboot of the router and everything worked again.
Strange.
Other smtp servers worked - even saix, not that I could send, but a telnet session on P25 i got at least an answer back.
But not from my own.
Reboot of the router and everything worked again.
Strange.
A lot of clients would rather use their own server so they can send from where ever they are on whatever network they may be useing....
I have noticed IS has implemented something called "CallOut" which can play havoc if your mailserver has greylisting or firewall / spam filters.
Given me major headache's in the past.
http://rackerhacker.com/2007/03/29/451-could-not-complete-sender-verify-callout/
.
Given me major headache's in the past.
http://rackerhacker.com/2007/03/29/451-could-not-complete-sender-verify-callout/
.
¯\_(ツ)_/¯
Honorary Master
- Joined
- Apr 20, 2005
- Messages
- 24,524
- Reaction score
- 27,460
Grand. Sitting here in the morning trying to fixing something that is NOT MY problem. 
Logged at ticket yesterday already. Reply:
I disputed it and proved it is being blocked. Reply
Reply later:
Taurus Extrectum jumps to mind. Connecting from a dynamic IP (Afrihost assigned) to a server not in an RBL and not blocked on the other end, proves this wrong.
Now here is the joke. I manage the mail server I'm trying to connect to. It's not on an RBL and hasn't been.
Yet, now to satisfy some illogical reason, I have to change ports, switch all my clients, alternatively punch another hole into my firewall ... I think not.
Something is broken and somebody is not admitting it. Not new either: http://forums.pcformat.co.za/viewtopic.php?f=25&t=36257&start=30 - Posted: Mon Nov 16, 2009 8:42 am
No working:
Another overseas mail server I manage:
If not broken, but deliberate under the circumstances:
http://www.internet.org.za/ect_act...._to_interception_of_or_interference_with_data
Logged at ticket yesterday already. Reply:
I disputed it and proved it is being blocked. Reply
Reply later:
Taurus Extrectum jumps to mind. Connecting from a dynamic IP (Afrihost assigned) to a server not in an RBL and not blocked on the other end, proves this wrong.
Now here is the joke. I manage the mail server I'm trying to connect to. It's not on an RBL and hasn't been.
Yet, now to satisfy some illogical reason, I have to change ports, switch all my clients, alternatively punch another hole into my firewall ... I think not.
Something is broken and somebody is not admitting it. Not new either: http://forums.pcformat.co.za/viewtopic.php?f=25&t=36257&start=30 - Posted: Mon Nov 16, 2009 8:42 am
No working:
Another overseas mail server I manage:
If not broken, but deliberate under the circumstances:
http://www.internet.org.za/ect_act...._to_interception_of_or_interference_with_data
Tinuva
The Magician
Having port 587 open on your mail server is actually normal these days. This doesn't mean you should remove port 25, it only means you should open up 587 in addition to 25, so that user's whose ISPs block SMTP can still use your server to send mail via the Submission port (aka 587).
Afrihost-Moshe
Afrihost Client Care Manager
Hi All
I have been asked my the senior developer to divert your attention to the following webpage for all your answers on SMTP related queries:
http://support.afrihost.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=257&nav=0,55
I have been asked my the senior developer to divert your attention to the following webpage for all your answers on SMTP related queries:
http://support.afrihost.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=257&nav=0,55
¯\_(ツ)_/¯
Honorary Master
- Joined
- Apr 20, 2005
- Messages
- 24,524
- Reaction score
- 27,460
http://support.afrihost.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=257&nav=0,55 says:
In a nutshell; trying to blame spam or viruses etc is just a knee jerk reactions at the moment and is not going to fly.
So what is the basis for unfounded blocking of traffic to SMTP port 25 at 196.38.73.114 or cdsl1-rba-vl50.ip.isnet.net = 196.38.73.109? Are the below IPs delegated to Afrihost or is it still with IS?
N/A - trying to send another mail servers.
tcptraceroute: See previous post above - who is responsible for the blocking hop?
In a nutshell; trying to blame spam or viruses etc is just a knee jerk reactions at the moment and is not going to fly.
So what is the basis for unfounded blocking of traffic to SMTP port 25 at 196.38.73.114 or cdsl1-rba-vl50.ip.isnet.net = 196.38.73.109? Are the below IPs delegated to Afrihost or is it still with IS?
Interesting that you are the ONLY person who seems to be having a problem. Is it perhaps something on the destination network that is broken?
These may be obvious but nevertheless here goes;
1. Can you 'telnet localhost 25' on the actual mail server?
2. If you can, then try recreating the dst-nat rules
3. Perhaps get hold of an iburst modem to eliminate the adsl connection
1. Can you 'telnet localhost 25' on the actual mail server?
2. If you can, then try recreating the dst-nat rules
3. Perhaps get hold of an iburst modem to eliminate the adsl connection
¯\_(ツ)_/¯
Honorary Master
- Joined
- Apr 20, 2005
- Messages
- 24,524
- Reaction score
- 27,460
Actually not
We find other odd posts about this in other places as well, ex: http://forums.pcformat.co.za/viewtopic.php?f=25&t=362571. Can you 'telnet localhost 25' on the actual mail server?
Yes, no problems. My issue only arises when I use my Afrihost acct. When using Axxess I can connect through to the mail server ( I am not playing off one against the other).
2. If you can, then try recreating the dst-nat rules
No issues here. Mail server is on a fixed IP.
3. Perhaps get hold of an iburst modem to eliminate the adsl connection.
Erm :erm:
In a nutshell, my diagnosis shows:
From afrihost to mail server: telnet mailserver 25 => fails
All sources, local and international, except from my Afrihost acct: telnet mailserver 25 => okay
SMTP request gets blocked on it's routing from hop 196.38.73.114 to 196.38.73.109 when using my Afrihost acct.
Since I am happy with Afrihost otherwise (except for a small issue I am sure Artur will resolve) and as such would hate this to become a show stopper for me.
¯\_(ツ)_/¯
Honorary Master
- Joined
- Apr 20, 2005
- Messages
- 24,524
- Reaction score
- 27,460
Seems this is going nowhere and I have lost all patience and tried keeping my cool. I have been accused of spamming and other nefarious activities (utter unsubstantiated BS) and no attempt was made at looking at the issue from a technical perspective.
Unfortunately I am not an IS client, rather an Afrihost client and despite asking who the offending hop belongs to, being willing to take the issue up with them, I have received no answers. Unfortunately it seems Afrihost has an admin at trying to play BOFH.http://en.wikipedia.org/wiki/Bastard_Operator_From_Hell, even threatening to cancel my acct, claiming my mail server is on Spamhaus etc - but Spamhaus shows all is clean. Then he goes on (bold my own)
I asked for proof of this wild allegation or demanded an apology. None was forthcoming.
If you cannot even use an email client to connect to your locally hosted mail server using the RFC compliant protocol and your mail server is not blocking it (it never reached the mail server and is dropped in transit on the routing), I would not say it is as good as Axxess, MWeb or any of the other workings solutions. It's a bit like selling a luxury car that fails to start yet you claim it's superior to a clapped out Datsun. So much for the special offer.
This issue was escalated to Gian and other management, but Gian and most of senior management are out of the office. Apart from a promise to look into it by Artur, no answers have been forthcoming. Time goes by ...
With the assistance of another Afrihost client (thank you!) I managed to narrow this down to an issue with the routing and blocking my Afrihost account.
Here is a table of traces highlighting the issue:
http://174.36.167.74/trace.html
1st col: my Afrihost acct hits IP 196.38.73.114 and then drops everything after this hop on an attempt to connect to port 25 on my server. Port 80 etc works fine and allows for a full trace.
2nd col: A friend assisted and with his Afrihost account from my location, he has no issues.
3rd col: From my friend's location, the trace is similar with no issues.
4th col: My Axxess acct shows no issues
5th col: Another location in CT to the server - no issues.
6th col: Another location in JHB to the server - no issues.
It seems this is an issue unique to the IS net on the specific hop. Since I am getting nowhere fast with no Afrihost assistance, is there anybody here who has ideas on how to actually fix this?
I would like to believe this is a glitch and not a deliberate blocking attempt.
Unfortunately I am not an IS client, rather an Afrihost client and despite asking who the offending hop belongs to, being willing to take the issue up with them, I have received no answers. Unfortunately it seems Afrihost has an admin at trying to play BOFH.http://en.wikipedia.org/wiki/Bastard_Operator_From_Hell, even threatening to cancel my acct, claiming my mail server is on Spamhaus etc - but Spamhaus shows all is clean. Then he goes on (bold my own)
Interestingly that was said without any proof or any checking. I guess that is one way of trying to resolve a technical issue with a n00b.
I asked for proof of this wild allegation or demanded an apology. None was forthcoming.
It could be with a bit of support. Issues will come up from time to time. It is how you deal with issues that differentiates you as a service provider. First trying to deny an issue and when client proves that an issue exists, you attack the client, is no way of dealing with an issue. Examples: Despite Axxess messing up a while ago, they owned up to it. I privately PM'ed them and commended them. Iburst denied real issues many times and eventually lost many clients.
If you cannot even use an email client to connect to your locally hosted mail server using the RFC compliant protocol and your mail server is not blocking it (it never reached the mail server and is dropped in transit on the routing), I would not say it is as good as Axxess, MWeb or any of the other workings solutions. It's a bit like selling a luxury car that fails to start yet you claim it's superior to a clapped out Datsun. So much for the special offer.
This issue was escalated to Gian and other management, but Gian and most of senior management are out of the office. Apart from a promise to look into it by Artur, no answers have been forthcoming. Time goes by ...
With the assistance of another Afrihost client (thank you!) I managed to narrow this down to an issue with the routing and blocking my Afrihost account.
Here is a table of traces highlighting the issue:
http://174.36.167.74/trace.html
1st col: my Afrihost acct hits IP 196.38.73.114 and then drops everything after this hop on an attempt to connect to port 25 on my server. Port 80 etc works fine and allows for a full trace.
2nd col: A friend assisted and with his Afrihost account from my location, he has no issues.
3rd col: From my friend's location, the trace is similar with no issues.
4th col: My Axxess acct shows no issues
5th col: Another location in CT to the server - no issues.
6th col: Another location in JHB to the server - no issues.
It seems this is an issue unique to the IS net on the specific hop. Since I am getting nowhere fast with no Afrihost assistance, is there anybody here who has ideas on how to actually fix this?
I would like to believe this is a glitch and not a deliberate blocking attempt.
Rodent-Boy
Senior Member
Come again? What did he do?
digitaldreamer
New Member
- Joined
- Oct 7, 2005
- Messages
- 5
- Reaction score
- 0
Having the same problem. What was the solution then ?
It seems that is an ongoing issue.
I have 7 Afrihost uncapped and capped accounts, and today all of the ip's that i am being assigned are in at least three blacklists.
Perhaps a solution would be to redirect all smtp ports ( 25, 26 and 587 for me) to afrihost Smtp servers. My problem with this is that all mail clients are setup with outgoing authentication, so that they can send from any ISP.
Will the outgoing port redirection work id the clients are setup with the 3rd party mail server credentials ?
I have 7 Afrihost uncapped and capped accounts, and today all of the ip's that i am being assigned are in at least three blacklists.
Perhaps a solution would be to redirect all smtp ports ( 25, 26 and 587 for me) to afrihost Smtp servers. My problem with this is that all mail clients are setup with outgoing authentication, so that they can send from any ISP.
Will the outgoing port redirection work id the clients are setup with the 3rd party mail server credentials ?
Chris Botha
New Member
- Joined
- Mar 18, 2013
- Messages
- 1
- Reaction score
- 0
Hi
I do a lot of work at various sites in Africa for a client where I continuously have problems accessing Afrihost webmail because they block port 2095. Every time I have to get IT to contact the Johannesburg office and sometimes it takes a day or two. Is there any other way I can access Squirrel, Roundcube or Horde without using Port 2095?
I do a lot of work at various sites in Africa for a client where I continuously have problems accessing Afrihost webmail because they block port 2095. Every time I have to get IT to contact the Johannesburg office and sometimes it takes a day or two. Is there any other way I can access Squirrel, Roundcube or Horde without using Port 2095?
guest2013-1
guest
- Joined
- Aug 22, 2003
- Messages
- 19,800
- Reaction score
- 13
People tend to forget that 587 is the actual SMTP port for sending mail from the client to the server. It's always been there, just not always used. Port 25, however, was (as far memory / my understanding) is that one mail server "talks" to another mail server.
Most ISP's "hijack" port 25 traffic and pushes it through their own servers first, which totally ****s with your own settings, especially if you have your own mail servers
Tinuva
The Magician
You are correct when you say port 25 is used between smtp servers, and while it can be used by users, it can be abused by bots, and since ISPs can't prevent users from getting their pcs infected with worms and bots, their only other alternative is to hijack port 25 to help prevent the internet from being infested with spam. I commend ISPs that do this. As long as they only do it for dialup/adsl ect users and not their dedicated server hosting.
Not sure if I understand the query. To my knowledge, if you're using webmail then it should proxy to Port 80 (HTTP Port) so there shouldn't be an issue.